[Zope] Problems with assigning proxy roles to a python script
Matt Patterson
list-matt@reprocessed.org
Sat, 21 Jun 2003 19:41:06 +0100
On Saturday, June 21, 2003, at 07:12 PM, Geir B=E6kholt wrote:
> On Sat, 21 Jun 2003 18:00:11 +0100 GMT (..19:00 where i live(GMT+2) )
> Matt Patterson asked the Zope mailinglist about the following:
>
>> You are not authorized to change addUserScript because you do not =
have
>> proxy roles. (Also, an error occurred while attempting to render the
>> standard error message.)
>
> That error message is not very well-worded. It really means that
> *you*, the user assigning the proxy-role cannot assign roles you don't
> have yourself.
Ah, I see - hence why I, with the Manager role, could assign Manager as =20=
a proxy to the script...
> So, if you set your manager-user up with the "adduser" role, you can
> freely asssign adduser-proxies whereever you like.
Cool.
> but there is no danger related to assigning the "manager" role to the
> script if no non-managers are allowed to edit it.
Not even if the manage_edit interface was called on the script when it =20=
had the Manager proxy role? i.e. does this mean that proxy roles only =20=
apply when the script is __call__ed, and not when any of its other Zope =20=
methods (like manage_edit or document_src) are called...
> You can read more about roles and proxies here :
> http://www.zope.org/Documentation/Books/ZopeBook/2_6Edition/=20
> Security.stx
I did read that, but the example made me think that I had to be a =20
Manager to assign any proxy roles - the example was confusing on that =20=
point...
Many thanks for the prompt response!
Matt
--=20
Matt Patterson | Typographer
<matt@emdash.co.uk> | http://www.emdash.co.uk/
<matt@reprocessed.org> | http://reprocessed.org/